
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and

Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and

China’s CNVDB directed developers to uninstall three months of Claude Code versions, citing unauthorized data collection. Alibaba banned the tool

Socket found 17 malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs that stole AWS keys and payment

Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which

Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.

Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in

AI Now Institute’s Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded

A former DigitalMint employee received 70 months in prison for conspiring with BlackCat ransomware operators while posing as a trusted

Coinspect disclosed Ill Bloom, a weak entropy flaw in cryptocurrency wallet seed phrase generation that let attackers drain $3.1 million

Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.